Make sure the Cluster API external network is propagated to load balancers

2022-05-30 16:14:00 +01:00 · 2022-05-30 16:14:00 +01:00 · b6a660ba12
commit b6a660ba12
parent a53b6aa366
2 changed files with 30 additions and 2 deletions
--- a/charts/cluster-addons/templates/cloud-config.yaml
+++ b/charts/cluster-addons/templates/cloud-config.yaml
@ -9,9 +9,17 @@
 installType: custom
 custom:
  install: |
+    {{- if .Values.clusterApi }}
+    export EXTERNAL_NETWORK_ID="$(
+      KUBECONFIG= kubectl get openstackcluster \
+        {{ tpl .Values.clusterName . }} \
+        --namespace {{ .Release.Namespace }} \
+        -o jsonpath='{.status.externalNetwork.id}'
+    )"
+    {{- end }}
    gomplate --file secret.yaml.tpl | kubectl apply -f -
  delete: |
-    gomplate --file secret.yaml.tpl | kubectl delete -f -
+    kubectl delete secret --namespace kube-system cloud-config
 extraVolumes:
  - secret:
      name: {{ $secretName }}
@ -44,12 +52,22 @@ extraFiles:
        tls-insecure=true
        {{ "{{-" }} end {{ "}}" }}
        {{ "{{-" }} end {{ "}}" }}
-        {{- range $section, $items := omit .Values.openstack.cloudConfig "Global" }}
+        {{- range $section, $items := omit .Values.openstack.cloudConfig "Global" "LoadBalancer" }}
        [{{ $section }}]
        {{- range $name, $value := $items }}
        {{ $name }}={{ $value }}
        {{- end }}
        {{- end }}
+        [LoadBalancer]
+        {{- $lbItems := default dict .Values.openstack.cloudConfig.LoadBalancer }}
+        {{- if hasKey $lbItems "floating-network-id" }}
+        floating-network-id={{ index $lbItems "floating-network-id" }}
+        {{- else if .Values.clusterApi }}
+        floating-network-id={{ "{{" }} .Env.EXTERNAL_NETWORK_ID {{ "}}" }}
+        {{- end }}
+        {{- range $lbName, $lbValue := omit $lbItems "floating-network-id" }}
+        {{ $lbName }}={{ $lbValue }}
+        {{- end }}
 {{- end }}

 {{-
--- a/charts/cluster-addons/templates/rbac/role.yaml
+++ b/charts/cluster-addons/templates/rbac/role.yaml
@ -30,5 +30,15 @@ rules:
      - list
      - get
      - watch
+  {{- if .Values.openstack.enabled }}
+  - apiGroups:
+      - infrastructure.cluster.x-k8s.io
+    resources:
+      - openstackclusters
+    verbs:
+      - list
+      - get
+      - watch
+  {{- end }}
  {{- end }}
 {{- end }}